Top10 publishers:
bobrov107 
sp1d3rs54 
jobert45 
bl4de39 
bigbear_38 
guido38 Twitter
isox36 
4lemon35 
linkks35 
geeknik35 

the unofficial HackerOne disclosure timeline.

X
Chaturbate disclosed a bug submitted by testingforbugs 
Unrestricted POST request size on /customer_support/information_form/ endpoint
01 May 2019 timeline
Vanilla disclosed a bug submitted by jameelnabbo 
XSS: Group search terms
01 May 2019 timeline
Shipt disclosed a bug submitted by codeslayer137 
Price manipulation via fraction values (Parameter Tampering)
01 May 2019 timeline
Zomato disclosed a bug submitted by yashrs 
Open AWS S3 bucket leaks all Images uploaded to Zomato chat
01 May 2019 timeline
Chaturbate disclosed a bug submitted by teuvokas 
DoS attacks utilizing camo.stream.highwebmedia.com
01 May 2019 timeline
Zomato disclosed a bug submitted by khoiasd 
[www.zomato.com] Blind XSS in one of the admin dashboard
01 May 2019 timeline
Grammarly disclosed a bug submitted by sarmadkhan 
Reflected Cross Site Scripting (XSS)
30 Apr 2019 timeline
Grammarly disclosed a bug submitted by metnew 
Emails from Grammarly missing sanitization(lack of validation?) -> HTML injection in emails
30 Apr 2019 timeline
Grammarly disclosed a bug submitted by metnew 
"More on Wikipedia" link disclose "Referrer" and leak `window.opener` reference for arbitrary websites
30 Apr 2019 timeline
Node.js third-party modules disclosed a bug submitted by ronperris 
[finalhandler] Insecure Default Configuration
29 Apr 2019 timeline
Twitter disclosed a bug submitted by rahulkankrale 
Twitter lite(Android): Vulnerable to local file steal, Javascript injection, Open redirect
29 Apr 2019 timeline
Ubiquiti Networks disclosed a bug submitted by ajxchapman 
UniFi Video Server web interface Configuration Restore CSRF leading to full application compromise
28 Apr 2019 timeline
Node.js third-party modules disclosed a bug submitted by lxndr 
A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module for decoding
28 Apr 2019 timeline
Udemy disclosed a bug submitted by toannc123 
[affiliates.udemy.com] Wordpress user admin information discloure
28 Apr 2019 timeline
Slack disclosed a bug submitted by zemnmez 
XSS in gist integration
28 Apr 2019 timeline
VK.com disclosed a bug submitted by page1337 
???????? ?????? ? ???????? ??????????, ??????? ????????? ? ????????? ???????
26 Apr 2019 timeline
Udemy disclosed a bug submitted by salmon 
S3 bucket unnecessarily discloses permissions
26 Apr 2019 timeline
Discourse disclosed a bug submitted by karimpwnz 
Employee's GitHub Token Found In Travis CI Build Logs
25 Apr 2019 timeline
Khan Academy disclosed a bug submitted by tom2468101214 
Users can make accounts with a fake email address.
25 Apr 2019 timeline
Twitter disclosed a bug submitted by filedescriptor 
[Urgent] Invalidating OAuth2 Bearer token makes TweetDeck unavailable
25 Apr 2019 timeline
1 ... 3 4 5 6 7 ... 339
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM